X

Mac OS X trojan uses your Mac to mint Bitcoins for hackers

A new piece of malware called DevilRobber hides in Mac app torrents and uses your video card to generate real cash moneys for hackers.

Tom Davenport
Tom Davenport spent several years flirting with music production before admitting he preferred writing about technology online. He once performed in a Superbowl commercial, but you'll never find it online. Tom is a freelance writer and is not an employee of CNET.
Tom Davenport
2 min read

Mac owners should be wary of online pirates trying to steal their digital gold -- a new OS X trojan called DevilRobber has been spotted out on the high seas of the Web.

As well as the usual nasty tricks you would expect from malware, like nicking all your personal details, DevilRobber hijacks your video card to generate Bitcoins, a type of virtual currency with its own exchange rate.

The trojan was found by the antivirus developer Intego, which spotted it being bundled with apps on torrent sites. Not to condone it, but DevilRobber is quite a clever chunk of code that bundles several types of malware together for a triple-whammy of ninja hacks.

First off, you won't notice it because it hides inside the app you downloaded. When it wakes, it knows to switch off an app called Little Snitch, a tool commonly used by torrent users that acts as a gatekeeper for Internet connections. When it gets a clear path, hackers have a back door to your computer and can steal your hard-earned Bitcoins, should you have any.

As if that wasn't cheeky enough, it jacks into the video card on every infected computer and essentially builds an international supercomputer that generates brand-new Bitcoins, which the hackers can go and exchange for real money.

The current exchange rate for 1 Bitcoin is £1.90, so you could argue that the hackers behind DevilRobber have succeeded in something alchemists couldn't manage for thousands of years -- they've made gold from thin air.

Perhaps worst of all is how DevilRobber can pinch your various usernames and passwords, including your Mac login. With that information, they could connect to your Mac and do just about anything they please with it. No one wants their beloved Mac kidnapped and abused like that.

Thankfully, Intego says the software isn't widespread just yet. You're best off avoiding torrent sites, and instead getting all your software through the Mac App Store, where Apple has installed a high safety fence to ward off this sort of gremlin. And yes, you could argue for plenty of legitimate means of using torrents, but even the legal software available could have been fiddled with.

Hopefully Apple will be quick to release a patch. Meanwhile, if you've had a malware scare, share your story in the comments section or over on our Facebook page.